University of California San Francisco reportedly paid up $1.14 million to rescue their systems after the ransomware attack. The cybercriminals infested the servers at UCSF School of Medicine with malware that prevented them from accessing sensitive data. At least three universities were attacked in June alone. Robert Lemos shares more about the incident in this article at Dark Reading.
More on the Ransomware Attack
The perpetrator behind the ransomware attack was the NetWalker group. They also staged assaults on Michigan State University and Columbia College of Chicago. UCSF was working extensively on COVID-19 and coronavirus. They assured that there was no loss in research data or dip in patient welfare after the incident.
The ransomware attack happened on servers that had their academic research work on public welfare. To continue serving the society, the university decided to pay part of the ransom, i.e., $1.14 million. On 26th June, the university stated that the IT department detected the malware spread in the servers. They isolated the core UCSF systems to prevent further damages. Director of strategic threat at Darktrace, a threat protection firm, Marcus Fowler believes “speed and visibility is going to be the key.” Organizations must identify the ransomware attacks and stop them as quickly as possible.
How It Began
According to cybersecurity firm SentinelOne, NetWalker started targeting large organizations from 2019. Senior threat researcher Jim Walter observed that the group uses what is already present in the target network to prevent them from being identified early. In February, the hackers infested an Australian shipping and logistics company Toll Group. In March, they attacked several Spanish hospitals. They lured people to click on a PDF document that proclaimed to have the latest news on coronavirus. NetWalker previously promised not to attack hospitals and research centers. However, money won over ethics.
Walter remarks that being prepared for detection and cleanup after being hit by a ransomware attack is not enough. You must be vigilant from the get-go. Sources of BBC news confirm that ransom payment was initially $3 million. After a series of negotiations, UCSF was able to tone it down to 116.4 bitcoins or $1.14 million.
FBI is investigating the case. The school believes that the ransomware attack has not leaked any sensitive data as of now.
To view the original article, visit the following link: https://www.darkreading.com/attacks-breaches/university-of-california-sf-pays-ransom-after-medical-servers-hit/d/d-id/1338196
